class Hkp
simple HKP client for public key search and retrieval
Public Class Methods
# File lib/hkp.rb, line 64 def initialize(options = {}) if String === options options = { keyserver: options } end @keyserver = options.delete(:keyserver) || lookup_keyserver || 'http://pool.sks-keyservers.net:11371' @options = { raise_errors: true }.merge options end
Public Instance Methods
returns the key data as returned from the server as a string
# File lib/hkp.rb, line 103 def fetch(id) result = hkp_client.get "/pks/lookup?options=mr&op=get&search=0x#{URI.escape id}" return clean_key(result) if result rescue Exception raise $! if raise_errors? nil end
fetches key data by id and imports the found key(s) into GPG, returning the full hex fingerprints of the imported key(s) as an array. Given there are no collisions with the id given / the server has returned exactly one key this will be a one element array.
# File lib/hkp.rb, line 116 def fetch_and_import(id) if key = fetch(id) GPGME::Key.import(key).imports.map(&:fpr) end rescue Exception raise $! if raise_errors? end
# File lib/hkp.rb, line 72 def raise_errors? !!@options[:raise_errors] end
hkp.search 'user@host.com' will return an array of arrays, one for each matching key found, containing the key id as the first elment and any further info returned by the key server in the following elements. see tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5.2 for what that might be. unfortunately key servers seem to differ in how much and what info they return besides the key id
# File lib/hkp.rb, line 84 def search(name) [].tap do |results| result = hkp_client.get "/pks/lookup?options=mr&search=#{URI.escape name}" result.each_line do |l| components = l.strip.split(':') if components.shift == 'pub' results << components end end if result end rescue raise $! if raise_errors? nil end
Private Instance Methods
# File lib/hkp.rb, line 130 def clean_key(key) if key =~ /(-----BEGIN PGP PUBLIC KEY BLOCK-----.*-----END PGP PUBLIC KEY BLOCK-----)/m return $1 end end
# File lib/hkp.rb, line 136 def exec_cmd(cmd) res = `#{cmd}` return nil if $?.exitstatus != 0 res end
# File lib/hkp.rb, line 126 def hkp_client @hkp_client ||= Client.new @keyserver, ssl_verify_mode: @options[:ssl_verify_mode] end
# File lib/hkp.rb, line 142 def lookup_keyserver url = nil if res = exec_cmd("gpgconf --list-options gpgs 2>&1 | grep keyserver 2>&1") url = URI.decode(res.split(":").last.split("\"").last.strip) elsif res = exec_cmd("gpg --gpgconf-list 2>&1 | grep gpgconf-gpg.conf 2>&1") conf_file = res.split(":").last.split("\"").last.strip if res = exec_cmd("cat #{conf_file} 2>&1 | grep ^keyserver 2>&1") url = res.split(" ").last.strip end end url =~ /^(http|hkp)/ ? url : nil end